Enable auth for transmission and sonarr

docker/configs/authelia/access.yml

@@ -27,4 +27,22 @@
 ##
 ## Note: the order of the rules is important. The first policy matching (domain, resource, subject) applies.
 access_control:
-  default_policy: two_factor
+  default_policy: deny
+  rules:
+    # Support for one factor for transmission API
+    # Only users in "transmission-basic" should be allowed to do so
+    - domain_regex: '^transmission\..*'
+      policy: one_factor
+      subject:
+        - 'group:transmission-basic'
+    # Disable authentication on API protected by API keys
+    - domain_regex: '^(bazarr|prowlarr|radarr|sonarr)\..*'
+      policy: bypass
+      resources:
+        - '^/api$'
+        - '^/api/'
+    # Effective default policy, only allow admins with two-factor
+    - domain_regex: '.*'
+      policy: two_factor
+      subject:
+        - 'group:admins'